Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
CCX Add-on for AWS Products app icon

CCX Add-on for AWS Products

About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: CCX Security Operations has taken it upon ourselves to develop a CCX Add-on for AWS Products to provide further CIM compliance coverage not only for logs ingested via 'Splunk Add-on for AWS'. This TA was built using a large dataset and endeavours to be the most CIM compliant comprehensive field extraction for AWS various products listed. The Technical Addon is designed for ingest based on an SQS-Based S3 "Custom Data Type" via the Splunk Add-on for AWS or Syslog and is to be used on Search Heads. Listed products supported: - AWS Network Firewall - AWS Web Application Firewall - AWS S3 VPC Flow Features: - This TA currently supports logtypes tagged under the following CIM datamodels: Alerts, Change, Network Traffic and Web.

Built by Henrique Linsmeyer
splunk product badge
Latest Version 1.2.3
February 16, 2025
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1
CIM Version: 6.x, 5.x
Rating

0

(0)

Log in to rate this app
Support
CCX Add-on for AWS Products support icon
Developer Supported addon
About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: CCX Security Operations has taken it upon ourselves to develop a CCX Add-on for AWS Products to provide further CIM compliance coverage not only for logs ingested via 'Splunk Add-on for AWS'. This TA was built using a large dataset and endeavours to be the most CIM compliant comprehensive field extraction for AWS various products listed. The Technical Addon is designed for ingest based on an SQS-Based S3 "Custom Data Type" via the Splunk Add-on for AWS or Syslog and is to be used on Search Heads. Listed products supported: - AWS Network Firewall - AWS Web Application Firewall - AWS S3 VPC Flow Features: - This TA currently supports logtypes tagged under the following CIM datamodels: Alerts, Change, Network Traffic and Web.

Categories

Created By

Henrique Linsmeyer

Type

addon

Downloads

719

Licensing

Splunk Answers

Resources

Login to report this app listing